A Perl script to read the LDAP 'networkAddress' attribute of a server or user object from an eDirectory LDAP server and get the TCP/IP address in decimal dot notation.
The network address attribute, when read via LDAP, is in the following form.
LDAP Format, String: taggedData = uint32String "#" octetstring
byte 0 = uint32String = Address Type, e.g. 1 = IP Address (user); 9 = TCP Address (server)
byte 1 = char = "#" - separator
byte 2 = octetstring - the ordinal value of the address
The following instructions assume that you have a working LDAP server and Perl installed with the Net::LDAP module (http://ldap.perl.org/). Of course, the LDAP 'networkAddress' attribute must be visible to your LDAP proxy user.
This script can be used as a command line tool or called from another script by passing the following arguments, in that order:
- LDAP server qualified DNS name or IP address
- Base OU for the LDAP search, e.g. o=myorg
- CN of the object to look up the IP address of (username or server name)
e.g.: netaddr.pl (ldap server) (base dn) (object)
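The taggedData layout described above, decoded in Python as an added example (it is not the netaddr.pl script or any commenter's code). It goes beyond the script by also handling the base64 form and comparing a given IP against the attribute's values; function names and sample values are constructed, and reading the last four octets as the IPv4 address follows the C# snippet further down this page.

```python
import base64
import ipaddress

# Address types named on the page; values with any other tag are skipped.
ADDRESS_TYPES = {1: "IP", 9: "TCP"}

def parse_network_address(value: bytes):
    """Split one raw networkAddress value into (type, IPv4 address).

    Layout per the page: ASCII decimal type, '#', then binary octets.
    Assumption: the last four octets are the IPv4 address. Returns None
    for values that do not fit (other types, short or malformed data).
    """
    # Split on the FIRST '#' only: the binary octets may contain 0x23 too.
    tag, sep, octets = value.partition(b"#")
    if not sep or not tag.isdigit():
        return None
    addr_type = int(tag)
    if addr_type not in ADDRESS_TYPES or len(octets) < 4:
        return None
    return addr_type, ipaddress.IPv4Address(octets[-4:])

def parse_ldif_value(b64_text: str):
    """Same, for a value that arrives base64 encoded (as in an LDIF export)."""
    try:
        raw = base64.b64decode(b64_text, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    return parse_network_address(raw)

def ip_matches(values, candidate: str) -> bool:
    """True if any value of the multi-valued attribute decodes to candidate."""
    wanted = ipaddress.IPv4Address(candidate)
    return any(p is not None and p[1] == wanted
               for p in map(parse_network_address, values))

# Constructed sample values (not taken from a real directory).
SAMPLE_VALUES = [
    b"9#\x02\x0c\xc0\xa8\x01\x0a",   # TCP, 192.168.1.10
    b"1#\x00\x00\x0a\x00\x00\x05",   # IP, 10.0.0.5
    b"13#http://example.invalid/",   # some other type tag, skipped
    b"9#\xff",                       # truncated, skipped
]

if __name__ == "__main__":
    for v in SAMPLE_VALUES:
        print(v, "->", parse_network_address(v))
    print(ip_matches(SAMPLE_VALUES, "10.0.0.5"))
```

Comparing parsed `IPv4Address` objects rather than strings avoids false mismatches from formatting differences such as leading zeros or stray whitespace in the candidate.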
Next you will find my own function that helps me to convert the base64 coded networkAddress in awk scripts. The output of this function presents only the IP address in a dotted decimal format. I hope it can help. It was written for a French company.
function decode(chaine){
# This function is limited to converting the IP netAddress values of Novell
# servers stored in the eDirectory database in Base64 format.
# We do not take into account here the first 4 bytes retrieved, which specify
# the port (NCP) and the transport (UDP, TCP, IP), which matter little in this procedure.
Hi, I would like to know if there is a way to provide the inverse value. I mean, I have the IP address, and I want to compare it with the value in networkAddress to see if the IP being passed to me matches the one in NDS.
This took me a good while to figure out, so I hope that the community finds it useful. Please feel free to e-mail me if you have comments or suggestions...
// with a connected and bound ldap connection ldapConn...
LdapEntry server = ldapConn.Read(serverDN); // find server in tree
// retrieve and decode the server's network address
// assumed lookup: the post does not show how serverNetAddr is obtained
LdapAttribute serverNetAddr = server.getAttribute("networkAddress");
// loop through the multivalued networkaddress field
foreach(sbyte[] addrBytes in serverNetAddr.ByteValueArray) {
    // get the first character in the line which indicates type
    char type = (char)addrBytes[0];
    if(type == '9' && addrBytes.Length >= 4) { // only interested in TCP address
        string serverTCPAddr = "";
        for(int i=(addrBytes.Length-4); i<addrBytes.Length; i++) { // last four bytes are the ip address
            byte b = unchecked((byte)addrBytes[i]); // convert sbyte to byte
            serverTCPAddr = serverTCPAddr + b; // append value to string
            if(i>0 && i<(addrBytes.Length - 1))
                serverTCPAddr = serverTCPAddr + "."; // brute force the dots
        }
    }
}
if ($len > 0) {
    for ($i = 0; $i < $len; $i++) {
        $byte = substr($networkaddress, $i, 1);
        $addr .= ord($byte);
        if ($addrtype == 1) { // dot separate IP addresses...
            $addr .= ".";
        }
    }
    if ($addrtype == 1) { // strip last period from end of $addr
        $addr = substr($addr, 0, strlen($addr)-1);
    }
} else {
    $addr .= "address not available.";
}